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(54) Security system based on certification 



(57) The data containing reference data is trans- 
formed into signature data by a method which depends 
on a variable generated by the reference data, and the 
identification data is certified by inverse transformation 
of the signature data. The signature generating rule 
changes in dependence on the ref erence data, and it is 
therefore extremely difficult to analyze the signature 



generating rule from the medium or the card reader/writ- 
er so that the forgery or modification of magnetic or other 
data, which is otherwise easy to duplicate, can be made 
extremely difficult. Therefore, even when a reader is il- 
licitly obtained, and analyzed, it is extremely difficult to 
estimate the signature generating rule as it owes to the 
difficulty of solving a set of multivariate simultaneous 
equations. 
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Description 

TECHNICAL FIELD 

The present invention relates to a security system 
for preventing forgery and duplication of an object, such 
as a prepaid card, a credit card and an ID card, whose 
authenticity is required to be determined. 

BACKGROUND OF THE INVENTION 

As a means for preventing forgery or illicit duplica- 
tion of an object it has been proposed, for instance, to 
record a unique physical property of the object as data 
in advance, and to match the recorded data with the ac- 
tual physical property of the object when the authenticity 
of the object is required to be verified. However, this can- 
not entire prevent an illicit duplication of the object by 
analyzing the physical property and duplicating the 
physical property. 

According to a conventional security system, signa- 
ture data is generated from original data by using a sig- 
nature generating rule, and the authenticity of the orig- 
inal data is determined by verifying the signature data 
by using a signature verifying rule. The person who 
knows the signature verifying rule can verify the authen- 
ticity of the original data by verifying the signature data 
Also, only the person who knows the signature gener- 
ating rule can create his own signatured data, and 
change it Because this system allows the authenticity 
of the data to be determined in an effective manner, 
there have been some attempts to affix a recording me- 
dium of the data in the form of a seal onto an object as 
a proof of the authenticity of the object. 

However, even this system cannot totally prevent 
an attempt to forge the data by illicitly obtaining samples 
of signatured data and original data, and analyzing the 
data so as to decipher the signature generating rule and 
newly create signatured data. 

BRIEF SUMMARY OF THE INVENTION 

In view of such problems of the prior art, a primary 
object of the present invention is to provide a highly se- 
cure security system which can effectively prevent any 
forgery and duplication of an object 

A second object of the present invention is to pro- 
vide a security system is highly secure against any at- 
tempt to break it but does not require a targe number of 
data bits for its implementation. 

A third object of the present invention is to provide 
a highly secure security system which does not require 
any large processing load. 

A fourth object of the present invention is to provide 
a highly secure security system which can be econom- 
ically implemented. 

According to the present invention, such objects 
can be accomplished by providing a security system for 



preventing forgery or duplication of an object whose au- 
thenticity is required to be determined, comprising: a ref- 
erence region affixed to an object, the reference region 
including a physical marking which is machine readable 
$ and is so randomly formed as to prevent any duplication 
thereof; an identification data storage region for retain-, 
ing identification data which is based on reference data 
read from the reference region; and a signature data 
storage region for storing signature data for certifying 
the identification data; wherein the signature data is 
generated from the reference data and/or the identifica- 
tion data; and the authenticity of the object is determined 
according to a result of comparing the reference data 
read from the reference region with the reference data 
contained in the identification data and/or the signature 
data, and a result of certifying the identification data with 
the signature data, or by providing a security system for 
preventing forgery or duplication of an object whose au- 
thenticity is required to be determined, comprising: an 
identification data storage region for retaining identifica- 
tion data which is associated with a reference data, the 
reference data being individually assigned when writing 
the identification data into the identification data storage 
region; and a signature data storage region for storing 
signature data for certifying the identification data; 
wherein the signature data is generated by transforming 
data including the identification data and/or the refer- 
ence data by using a variable which is generated from 
the identification data and/or the reference data; and the 
authenticity of the object is determined according to a 
result of certifying the identification data with data gen- 
erated by inverse transformation of the signature data 
in a manner which corresponds to a variable generated 
from the identification data and/or the reference data. 

The authenticity of the identification data stored in 
the identification data storage region is determined ac- 
cording to the reference data which is either arbitrarily 
selected or machine readable from a reference region, 
the reference region being formed so as to be difficult 
to be synthetically reproduced, and the identification da- 
ta which is to be matched with the reference data, and 
solely by the signature data which is generated by a 
process dictated by the variable generated from the ref- 
erence data Therefore, even when a plurality of sam- 
ples are made available, because the signature gener- 
ating rule is different from one sample to another, anal- 
ysis of the signature generating rule is extremely diffi- 
cult, and without the knowledge of the signature gener- 
ating rule for each sample, it is also difficult to newly cre- 
ate the signatured data or to modify it. Even when the 
signatured data is simply duplicated, because the refer- 
ence data may vary from one object to another, its au- 
thenticity can be readily disproved, and any attempt to 
attach duplicated signature data to an illicit object pass 
off the illicit object for an authentic object can be readily 
detected. 

In particular, when the authenticity of the object is 
determined according to a result of matching the data 
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read from the reference region during the course of the 
determination process with the reference data included 
in the identification data or the signature data, and a re- 
sult of certifying the identification data, it is possible to 
detect an attempt copy the entire object carrying the sig- 
natured data because the level of agreement between 
the data read from the identification region during the 
course of the determination process with the reference 
data is low. In other words, the present invention can 
also effectively prevent simple copying of one object to 
another for illicit purpose. 

Further, when the identification data consists of a 
combination of administrative data for managing the ob- 
ject and the reference data, it is possible to even more 
effectively prevent any illicit attempt to newly create sig- 
nature data or to modify the data by separately compar- 
ing the administrative data with information associated 
with the object and the party which generated the sig- 
nature. 

When the signature data is generated from a com- 
pressed identification data obtained by data compress- 
ing the identification data, it is possible to reduce the bit 
length which is required to be processed, and to thereby 
reduce the time required for the signature verification. 

The reference region may be formed by randomly 
placing magnetic fibers in paper or synthetic resin ma- 
terial or by utilizing an unevenness in paper, surface ir- 
regularities of sheet material or other machine readable 
but synthetically unreproduceable region. Such technol- 
ogies are disclosed in United States Patents Nos. 
4,218,674 and 4,734,695, and Japanese patent laid- 
open publication (kokai) No. 6-168363. The contents of 
these prior patents are hereby incorporated in this ap- 
plication by reference. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Now the present invention is described in the fol- 
lowing with reference to the appended drawings, in 
which: 

Figure 1 is a front view of a prepaid card which is 
given as an exemplary object to which the present 
invention is applied; 

Figure 2 is a diagram showing an example of the 
card reader for the prepaid card; 
Figure 3 is a block diagram showing the procedure 
for making a card according to a first embodiment 
of the present invention; 

Figure 4 is a block diagram showing the details of 

the hashing process shown in Figure 3; 

Figure 5 is a block diagram showing the procedure 

for certifying and reading a card according to the 

first embodiment of the present Invention; 

Figure 6 is a view similar to Figure 3 showing the 

procedure for making a card according to a second 

embodiment of the present invention; and 

Figure 7 is a view similar to Figure 5 showing the 



procedure for certifying and reading a card accord- 
ing to the second embodiment of the present inven- 
tion. 

6 DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

Figure 1 shows a prepaid card to which the present 
invention is applied. This card 1 consists of a polyester 
sheet 2, and carries thereon a magnetic stripe 3 which 
includes a storage region for storing identification data, 
the identification data being generated by combining ad- 
ministrative data, which specifies the issuing party, the 
kind of the card and the purpose of the card, with refer- 
ence data which is described hereinafter, a perforation 
region 4 which is perforated as the card is spent, and a 
reference region 5 which is formed by randomly dispers- 
ing magnetic fibers in the resin material of the base 
sheet 2. The magnetic stripe 3 further includes a signa- 
ture data storage region which is described hereinafter. 
Figure 2 shows a card reader to which the present in- 
vention is applied. The card reader 10 is incorporated 
with a card conveying unit 12 which includes motor-ac- 
tuated rollers for taking a card into a slot 11, and ejecting 
the card 1 therefrom after the data is read. Along the 
length of the slot 11 are provided a magnetic head 13 
for reading data from the magnetic stripe 3 and an in- 
duction magnetic head 1 4 for reading data from the ref- 
erence region 5. Numeral 15 denotes a perforation unit 
for perforating the perforation region 4 of the card 1 to 
indicate how far the card is spent, and to destroy the 
reference region 5 as required. 

The procedure for generating signature data in the 
card 1 or the procedure for preparing the card is de- 
scribed in the following with reference to Figure 3. First 
of all, a signal is read from the reference region 5 along 
a reading path defined by the card reader as reference 
data F, and it is combined with the administrative data 
A. The combined data is written into an identification da- 
ta storage region of the magnetic stripe 3 as identifica- 
tion data M consisting of four 64-bit data blocks ml to 
m4. Then, a hashing process as indicated in Figure 4 is 
applied to the identification data M. More specifically, 
data block ml is combined with fixed 64-bit data blocks 
hO and hO 1 to generate a pair of 64-bit data blocks hi 
and hi'. Data block m2 is combined with the fixed data 
blocks hi and hi 1 to generate a pair of 64-bit data blocks 
h2 and h2\ This process is repeated four times until a 
pair of 64-bit data blocks h4 and h4* are obtained. The 
finally obtained hashed data D has a 1 28-bit data length. 

The hashed data D is combined with prescribed 
random data R as indicated in Figure 3 to generate input 
data Z having a bit length of 100 bits for instance, which 
is matched with the signature data to be written. An af- 
fine transformation L, a bijection polynomial transforma- 
tion P, and an affine transformation K are successively 
carried out on the hashed data 2 (Z-*Y-»X-*S) or, in 
other words, an arithmetic operation based on a signa- 
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ture generating function G is carried out to obtain final 
signature data S. The signature data S and the afore- 
mentioned identification data M are then written into the 
corresponding storage regions of the magnetic stripe 3. 
It is understood that the data which is written into the $ 
magnetic stripe is called as signatured data W. The sig- 
nature data storage region and the identification storage 
region may be arranged separator/ from each other, but 
may store the data after it is ciphered and combined with 
each other by suitable ciphering means not shown in the 
drawings. 

The bijection polynomial transformation P trans- 
forms an arbitrary element Y of a finite field into a certain 
element X, and the difficulty in analyzing the signature 
generating rule owes to the difficulty in solving a set of 
multivariate simultaneous equations. To further in- 
crease the difficulty in estimating signature generating 
function G from signature verifying function V which is 
described hereinafter, an affine transformation is carried 
out before and after the bijection polynomial transforma- 
tion. The constants hO and hO* for the hashing process 
may consist of arbitrary constants. 

Arbitrary constants may also be selected for the af- 
fine transformations L and K and the bijection polyno- 
mial transformation P which are applied to the signature 
generating function G t but in the present embodiment, 
these constants are selected and modified according to 
a unique variable generated from the reference data F. 
Because the constants hO and hO' as well as the con- 
stants for the affine transformations L and K and the bi- 
jection polynomial transformation P associated with the 
signature generating function can be arbitrarily select- 
ed, it is possible to a certification system in any one of 
a large number of possible ways, and the signature gen- 
erating rule can be made harder to estimate all the more. 
In particular, by intervening random data in the process 
of signature generation, the estimation of the signature 
generating data can be made even more difficult in an 
effective manner. 

When this card 1 is to be used, as shown in Figure 
5, first of all, the identification data M' in the signatured 
data W Is hashed in a similar fashion to produce hashed 
data D\ At the same time, the signature data S' in the 
signatured data W is inverse transformed by a multivar- 
iate polynomial-tuples (reverse of the Z-»Y-»X-*S 
transformation) or, in other words, by an arithmetic op- 
eration using a signature verifying function V. The data 
obtained by the inverse transformation using the multi- 
variate polynomial-tuples is separated into hashed data 
D" and random data R\ The signature is then verified 
by comparing the two sets of hashed data D' and D" to 
determine the authenticity of the original data. 

At the same time, the identification data M' is sep- 
arated int o reference data P and administrative data 
A'. The reference data F is compared with the reference 
data F" obtained from the identification region by the in- 
duction magnetic head 14, and the authenticity of the 
card is determined, data is verified by this signature ver- 



ifying process. Only when the results of comparison be- 
tween the two sets of hashed data D* and D a and be- 
tween the two sets of reference data F l and F' are both 
satisfactory or only when the authenticity of the card is 
determined, a good signal is produced from the deter- 
mining unit, and a prescribed service for each particular 
application is offered. It is also possible to produce a 
good signal when the administrative data A 1 matches 
with the administrative data A which was initially stored 
in means not shown in the drawings. 

Because the duplication of the reference region is 
practically impossible, the duplication of the entire card 
can be avoided. The reference data P which is read by 
the induction magnetic head 14 from the reference re- 
gion can vary every time it is read because some posi- 
tional errors are inevitable when conveying and stop- 
ping the card, the card may be soiled in different levels, 
and the magnetic state of the reference region normally 
changes with time. Therefore, in reality, the authenticity 
of the card may be verified when an agreement better 
than a certain tolerance level is established, instead of 
requiring an exact agreement For instance, when an 
attempt is made to extract the reference data P from the 
identification data M 1 stored as magnetic data, and read 
the reference data F a from the reference region 5 to 
compare them and analyze the relationship between 
them for illicit purpose, because the reference data F" 
changes every time it is read, it is quite impossible to 
analyze the relationship between the two sets of refer- 
ence data P and F" even when a number of samples 
are obtained. Thus, it is virtually impossible to make a 
card having an arbitrarily selected reference region, and 
to fabricate identification data M' which corresponds to 
the reference data obtained from the reference region. 
Furthermore, as it is extremely difficult to generate sig- 
nature data from the identification data as mentioned 
above, modification of the data is also extremely difficult. 
Thus, copying of the entire card (article), forging (dupli- 
cation) of the card, modification of data are all extremely 
difficult to carry out so that any illicit attempt on th e object 
can be effectively prevented. 

Figure 6 is a view similar to Figure 3 showing a sec- 
ond embodiment of the present invention. The basic 
structures of the prepaid card and the card reader are 
similar to those of the previous embodiment. 

Referring to Figure 6, when making a card, first of 
all, a signal is read from the reference region 5 along a 
reading path defined by using a machine such as the 
card reader as reference data F, which is then combined 
with the administrative data A: The combined data is 
written into an identification data storage region of the 
magnetic stripe 3 as identification data M consisting of 
four 64-bit data blocks ml to m4. Then, a hashing proc- 
ess such as the one described earlier with reference to 
Figure 4 is applied to the identification data M. This fi- 
nally results in hashed data D which is 128-bit long. 

The hashed data D is combined with prescribed 
random data R as indicated in Figure 6 to generate input 
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data Z having a bit length of 100 bits for instance, which 
is matched with the signature data to be written. An af- 
fine transformation L, a bijection polynomial transforma- 
tion P, and an affine transformation K are successively 
carried out on the hashed data Z (Z-*Y-»X->S) or, in 
other words, an arithmetic operation based on a signa- 
ture generating function G Is carried out to obtain final 
signature data S. The signature data S and the afore- 
mentioned identification data M are then written into the 
corresponding storage regions of the magnetic stripe 3. 
It is understood that the data which is written into the 
magnetic stripe is called as signatured data W. The sig- 
nature data storage region and the identification storage 
region may be arranged separately from each other, but 
may store the data after it is ciphered and combined with 
each other by suitable ciphering means not shown in the 
drawings. 

The bijection polynomial transformation P trans- 
forms an arbitrary element Y of a finite field into a certain 
element X, and the difficulty in analyzing the signature 
generating rule owes to the difficulty in solving a set of 
multivariate simultaneous equations. To further in- 
crease the difficulty in estimating signature generating 
function G from signature verifying function V, an affine 
transformation is carried out before and after the bijec- 
tion polynomial transformation. The constants hO and 
hO* for the hashing process may consist of arbitrary con- 
stants. 

Arbitrary constants may also be selected for the af- 
fine transformations L and K and the bijection polyno- 
mial transformation P which are applied to the signature 
generating function G, but in the present embodiment, 
these constants are selected and modified according to 
a unique variable u generated from the reference data 
F. This may be accomplished by looking up a table de- 
fining a relationship between the variable u and the con- 
stants. It is also possible to define a function which gen- 
erates the constants from the selected variable. In prac- 
tice, it is also possible to change the transformation al- 
gorithm itself for the bijection polynomial transformation 
P according to the variable u. It is thus possible to form 
a highly adaptable certification system and to make the 
estimation of the signature generating rule extremely 
difficult. In particular, by intervening random data in the 
process of signature generation, the estimation of the 
signature generating data can be made even more dif- 
ficult in an effective manner. 

When this card 1 is to be used, as shown in Figure 
7, first of all, the identification data M' in the signatured 
data W is separated into reference data F* and admin- 
istrative data A 1 . The reference data P is compared with 
reference data F' obtained by the induction magnetic 
head 14 from the reference region 5 to verify the authen- 
ticity of the card 1. When the authenticity of the card is 
verified, the hashing process is applied to the identifica- 
tion data M' in a similar manner to produce hashed data 
D\ At the same time, the signature data S' in the signa- 
tured data W 1 is inverse transformed by a multivariate 



polynomial- tuples (reverse of the Z-*Y-OC-+S transfor- 
mation) or, in other words, by an arithmetic operation 
using a signature verifying function V. At this point, var- 
iable u' is generated from the reference data P in a sim- 
s liar fashion to obtain the constant for the multivariate pol- 
ynomial- tuples or the inverse transformation algorithm. 
The data obtained by the inverse transformation using 
the multivariate polynomial- tuples is separated into 
hashed data D' and random data R\ The signature is 
io then verified by comparing the two sets of hashed data . 
O* and D" to determine the authenticity of the original 
data. Only when the verification process is completed 
in a normal manner or the authenticity of the card is ver- 
ified, a good signal is produced from the determining unit 
is to permit offering of services for each particular applica- 
tion. It is also possible to produce a good signal when 
the administrative data A' matches with the administra- 
tive data A which was initially stored in means not shown 
in the drawings. 

The reference region 5 was formed by randomly dis- 
persing magnetic fibers in the resin material of the base 
sheet 2 in the above described second embodiment, but 
it is also possible to simply form a bar code for recording 
the variable u. If the cycle of recording and reading is 
conducted in a relatively short period of time, it is also 
possible to set reference data on the reader/writer, in- 
stead of forming a reference region on the object, and 
change the reference data either regularly or irregularly. 

It is also possible to allow the relationship between 
the variable u and the constants to be manipulated from 
outside as illustrated in Figures 6 and 7. For instance, 
the table for associating the variable u with the constants 
or the mathematical function for generating the con- 
stants from th e variable u may be adapted to be modified 
from outside. The same is true with the arrangement for 
changing the transformation algorithm of the bijection 
polynomial transformation itself according to the varia- 
ble u. 

The object consisted of an information storage card 
or an ID card in the above described embodiments, but 
it is obvious for a person skilled in the art that the present 
invention can be applied to jewelry, security notes, and 
keys to rooms and vehicles which have known values, 
and are required to be verified of their authenticity. 

Thus, according to the present invention, a highly 
complex certification system can be achieved by using 
signature data consisting of a relatively small bit length. 
Furthermore, the processing time required for signature 
generation and signature verification is not increased, 
and the sizes of the program and the memory required 
for executing the algorithm are no more than what can 
be readily incorporated in a conventional card reader/ 
writer without any problem. 

In particular when the identification data is matched 
with the reference data read from a region which cannot 
be easily reproduced or duplicated, it is. extremely diffi- 
cult to illicitly duplicate the object such as an information 
storage card. Also, it is extremely difficult to analyze the 
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system from a number of samples of the object 

It is also difficult to analyze the signature generating 
rule from the card or the card reader. In other words, 
even when a card reader is obtained, and is analyzed, 
it still is extremely difficult to estimate the signature gen- $ 
erating rule because the difficulty owes to the difficulty 
in solving a set of multivariate simultaneous equations. 

The data containing the reference data is trans- 
formed into the signature data by a method which de- 
pends on a variable generated by the reference data, 10 
and the identification data is certified by inverse trans- 
formation of the signature data. The signature generat- 
ing rule changes in dependence on the reference data 
(or a variable generated thereby), and it is therefore ex- 
tremely difficult to analyze the signature generating rule ?5 
from the medium (object) or the card reader/writer so 
that the forgery or modification of the magnetic data, 
which is otherwise easy to duplicate, can be made ex- 
tremely difficult. Therefore, even when a reader (signa- 
ture verifier) is illicitly obtained, and analyzed, it is ex- 20 
tremely difficult to estimate the signature generating rule 
as it owes to the difficulty of solving a set of multivariate 
simultaneous equations. Furthermore, because the sig- 
nature generating rule changes for each particular ref- 
erence data (For instance, if the object has its own 2s 
unique reference data, the signature generating rule 
changes for each object), the analysis of the reference 
data is so difficult that any attempt to generate or modify 
signatured data can be effectively prevented. 

Furthermore, by using reference data which is ob- 30 
tained from a non-reproduceable reference region, and 
requiring the matching between the reference data read 
from the reference region with the signatured identifica- 
tion data when determining the authenticity of the article, 
any illicit attempt to duplicate the object or the card will 35 
be made extremely difficult Likewise, analyzing the sys- 
tem from a plurality of card samples is also extremely 
difficult to accomplish. 

Although the present invention has been described 
in terms of preferred embodiments thereof, it is obvious 40 
to a person skilled in the art that various alterations and 
modifications are possible without departing from the 
scope of the present invention which is set forth in the 
appended claims. 



Claims 

1. A security system for preventing forgery or duplica- 
tion of an object whose authenticity is required to so 
be determined, comprising: 

a reference region affixed to an object, said ref- 
erence region including a physical marking 
which is machine readable and is so randomly ss 
formed as to prevent any duplication thereof; 
an identification data storage region for retain- 
ing identification data which is based on refer- 



ence data read from said reference region; and 
a signature data storage region for storing sig- 
nature data for certifying said identification da- 
ta; 

wherein said signature data is generated from 
said reference data and/or said identification 
data; and 

the authenticity of said object is determined ac- 
cording to a result of comparing said reference 
data read from said reference region with said 
reference data contained in said identification 
data and/or said signature data, and a result of 
certifying said identification data with said sig- 
nature data. 

2. A security system based on certification according 
to claim 1, wherein said identification data consists 
of a combination of administrative data for manag- 
ing said object and said reference data. 

3. A security system based on certification according 
to claim 1 , wherein said signature data is generated 
from a compressed identification data obtained by 
data compressing said identification data. 

4. A security system based on certification according 
to claim 1 , wherein said reference region is formed 
by randomly placing magnetic fibers in paper and/ 
or synthetic resin material. 

5. A security system for preventing forgery or duplica- 
tion of an object whose authenticity is required to 
be determined, comprising: 

an identification data storage region for retain- 
ing identification data which is associated with 
a reference data, said reference data being in- 
dividually assigned when writing said identifica- 
tion data into said identification data storage re- 
gion; and 

a signature data storage region for storing sig- 
nature data for certifying said identification da- 
ta; 

wherein said signature data is generated by 
transforming data including said identification 
data and/or said reference data by using a first 
variable which is generated from said identifi- 
cation data and/or said reference data; and 
the authenticity of said object is determined ac- 
cording to a result of certifying said identifica- 
tion data with data generated by inverse trans- 
formation of said signature data in a manner 
which corresponds to a second variable gener- 
ated from said identification data and/or said 
reference data. 

6. A security system based on certification according 
to claim 5, wherein said reference data is generated 
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by reading data from a reference region which is 
affixed to said object and is machine readable, said 
identification region being formed in such a physi- 
cally random fashion as to make any duplication of 
said identification region extremely difficult s 

7. A security system based on certification according 
to claim 5, wherein the authenticity of said object is 
determined according to a result of matching said 
reference data read from said reference region dur- 10 
ing the course of an authenticity determination proc- 
ess with said reference data included in said iden- 
tification data and/or said signature data, and a re- 
sult of certifying said identification data with said da- 
ta generated by inverse transformation of said sig- 
nature data in a manner which corresponds to a 
second variable generated from said identification 
data and/or said reference data. 

8. A security system based on certification according 20 
to claim 5, wherein said identification data consists 

of a combination of administrative data for manag- 
ing said object and said reference data. 

9. A security system based on certification according 25 
to any claim 5, wherein said signature data is gen r 

e rated from a compressed identification data ob- 
tained by data compressing said identification data. 

10. A security system based on certification according 30 
to claim 5, wherein said reference region is formed 

by randomly placing magnetic fibers in paper or 
synthetic resin material. 

11. A security system based on certification according 35 
to claim 5, wherein said first variable is related to a 
constant of said transformation. 

12. A security system based on certification according 

to claim 5 t wherein said first variable is related to *o 
an algorithm for said transformation. 

13. A security system based on certification according 
to claim 5, wherein said transformation comprises 

a bijection polynomial transformation. 45 

14. A security system based on certification according 
to claim 5, wherein said transformation further com- 
prises an affine transformation. 

, so 

15. A security system based on certification according 
to claim 1, wherein said transformation comprises 
a bijection polynomial transformation. 

16. A security system based on certification according 55 
to claim 1 , wherein said transformation further com- 
prises an affine transformation. 
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Fig . 2 
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Fig . 3 
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Fig. 4 
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Fig. 5 
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Fig . 6 
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Fig. 7 
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